Hi  Matt Hillebrand,

> That sounds mighty secure, but I think he's trying to verify that the
> email address does indeed belong to the person creating an account.

I don't think so. Normaly you identify you by typing username and password
into the textfields. Sometimes the username is identical with your email.
I suggested the way via ssl because of the password-problem. I've heart
that for epayment and transactions with onlinebanking it is based on law
that the connection must be encrypted/ssl. 
> I use the following two functions to create a random number, and then I
> insert it into the DB. Then I send a URL inside the confirmation email
> that points to a script for verification of the random number. (The
> parameters of the URL are the random number and username for that
> particular account.)
>       function seed() {
>               list($usec,$sec)=explode(' ',microtime());
>               mt_srand($sec * $usec);
>       }
>       function mk_random($size) {
>               // $size is the number of digits in $num
>               $num = '';
>               seed();
>               for($i=0; $i<$size; $i++) {
>                       $num .= mt_rand(0, 9);
>               }
>               return $num;
>       }
> Matt


Ruprecht Helms IT-Service und Softwareentwicklung

Tel/Fax.:      +49[0]7621 16 99 16
Homepage:  http://www.rheyn.de
email:          [EMAIL PROTECTED]

PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to